What is personal data?

The following information is sensitive personal data:

• Details of racial or ethnic origin
• Political, religious or philosophical beliefs
• Trade union affiliation
• The processing of genetic data and/or biometric data for the purpose of uniquely identifying a natural person
• Health details
• Information about a person's sex life or sexual orientation. 

Personal data that does not fall under the category of ‘sensitive personal data’ can be referred to as ‘general/ordinary personal data’.

Ordinary personal data may include personal identification details such as name and address, customer relationships, personal finances, tax-related matters, debts, sick days, work-related circumstances, family circumstances, residence, car, qualifications, applications, CV, date of employment, position, area of work, work phone, key data: name, address, date of birth, IP address or other similar non-sensitive information. 

Details of criminal offences may be information that a person has committed a particular offence, but it may also be e.g. information that a person is serving a prison sentence. In other words, details of criminal offences are information which can be used to deduce that a person has committed a criminal offence. Rules for the processing of information concerning criminal offences are not laid down in the regulation, but will be determined in the individual countries. 

Source: The Danish Data Protection Agency 

CPR nos. are confidential information. 

The rules for the processing of national identity numbers (in Denmark, CPR nos.) are not stated in the General Data Protection Regulation.